Drivel

I just installed Drivel, a blogging client, so I'm trying it out now. It looks like you can format, although the content pane shows the HTML tags rather than a pretty WYSIWYG field. It's arguably better that way, of course -- different blog APIs can support a different subset of all formatting tags, so allowing (forcing) people to see the tags means you never post something unsupported. In theory, anyway.

Of course, you never know exactly how things are going to look until you post it. So I better do it now!

Drupal, eUKHost, HTML posts and mod_security

Last night I finally figured out something which has been driving me crazy for months: posting HTML (and PHP) content to Drupal (6 or 5) using eUKHost for hosting -- they have Apache's mod_security switched on, but not configured.

Drupal can be installed via Fantastico (an icon on the CPanel administration site that eUKHost gives you), but just didn't work. Every time I tried to post HTML or PHP (or even just something with a particular combination of angle-brackets) I would be redirected to the front page and the content lost. Very frustrating indeed!

I installed and reinstalled Drupal, both from a downloaded package and through Fantastico, and spent a long time looking at the Apache logs and reading about HTTP responses, but eventually I had to admit that it wasn't my setup -- it was eUKHost. So I started searching for that instead, and finally found a comment suggesting that it, "sounds like mod_security isn't setup properly."

So I immediately opened a support ticket with eUKHost, then started researching on how to turn mod_security off. Turns out it's easy -- add the following to your .htaccess file:

SecFilterEngine Off
SecFilterScanPOST Off

Save the file and you're done.